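/// <summary>
/// Handles a request that failed authorization by setting an error response on the action context.
/// </summary>
/// <remarks>
/// Each listed result type maps to one HTTP status code. Any other value is answered with
/// 403 Forbidden, so this handler never returns without setting <c>actionContext.Response</c>.
/// </remarks>
/// <param name="actionContext">The action context whose <c>Response</c> is assigned.</param>
/// <param name="result">The function-permission verification result.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="actionContext"/> or <paramref name="result"/> is <c>null</c>.
/// </exception>
protected virtual void HandleUnauthorizedRequest(HttpActionContext actionContext, AuthorizationResult result)
{
    if (actionContext == null)
    {
        throw new ArgumentNullException("actionContext");
    }
    // Guard the second argument too, so a missing result fails with a named argument
    // rather than a NullReferenceException on the next line.
    if (result == null)
    {
        throw new ArgumentNullException("result");
    }

    // StringToISO_8859_1 is defined outside this block; presumably it re-encodes the
    // message text for transport (confirm against the helper).
    // NOTE(review): result.Message is sent to the client for every case, including Error.
    // Confirm it never carries exception text or other internal detail.
    string msg = StringToISO_8859_1(result.Message);

    HttpStatusCode status;
    switch (result.ResultType)
    {
        case AuthorizationResultType.LoggedOut:
            status = HttpStatusCode.Unauthorized;
            break;
        case AuthorizationResultType.PurviewLack:
            status = HttpStatusCode.Forbidden;
            break;
        case AuthorizationResultType.FunctionLocked:
            status = HttpStatusCode.Gone;
            break;
        case AuthorizationResultType.FunctionNotFound:
            status = HttpStatusCode.NotFound;
            break;
        case AuthorizationResultType.Error:
            status = HttpStatusCode.InternalServerError;
            break;
        default:
            // Fail closed: a result type not listed above must not leave Response unset.
            // Whether the request would otherwise continue depends on the caller, which is
            // not visible here.
            status = HttpStatusCode.Forbidden;
            break;
    }

    actionContext.Response = actionContext.Request.CreateErrorResponse(status, msg);
}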
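/// <summary>
/// Processes HTTP requests that fail authorization by assigning a result to the filter context.
/// </summary>
/// <remarks>
/// Each listed result type maps to one action result. Any other value is answered with
/// 403 Forbidden, so this handler never returns without setting <c>filterContext.Result</c>.
/// </remarks>
/// <param name="filterContext">Encapsulates the information for using <see cref="T:System.Web.Mvc.AuthorizeAttribute"/>. The <paramref name="filterContext"/> object contains the controller, HTTP context, request context, action result, and route data.</param>
/// <param name="result">The permission verification result.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="filterContext"/> or <paramref name="result"/> is <c>null</c>.
/// </exception>
protected virtual void HandleUnauthorizedRequest(AuthorizationContext filterContext, AuthorizationResult result)
{
    // Reject missing arguments up front instead of failing later with a NullReferenceException.
    if (filterContext == null)
    {
        throw new ArgumentNullException("filterContext");
    }
    if (result == null)
    {
        throw new ArgumentNullException("result");
    }

    switch (result.ResultType)
    {
        case AuthorizationResultType.LoggedOut:
            filterContext.Result = new HttpUnauthorizedResult();
            break;
        case AuthorizationResultType.PurviewLack:
            filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
            break;
        case AuthorizationResultType.FunctionLocked:
            filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Gone, "Function is Locked");
            break;
        case AuthorizationResultType.FunctionNotFound:
            filterContext.Result = new HttpNotFoundResult();
            break;
        case AuthorizationResultType.Error:
            filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.InternalServerError);
            break;
        default:
            // Fail closed: a result type not listed above must not leave Result unset.
            // Whether the action would otherwise run depends on the caller, which is
            // not visible here.
            filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
            break;
    }
}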
/// <summary>
/// Creates an authorization result from a result type plus an optional user context and detail text.
/// </summary>
/// <param name="authType">Value stored in <c>AuthType</c>.</param>
/// <param name="context">Value stored in <c>Context</c>; defaults to <c>null</c>.</param>
/// <param name="detail">Value stored in <c>Detail</c>; defaults to <c>null</c>.</param>
public AuthorizationResult(AuthorizationResultType authType, UserContextBase context = null, string detail = null)
{
    // The arguments are stored as given; no validation happens in this constructor.
    this.AuthType = authType;
    this.Context = context;
    this.Detail = detail;
}